Network Problem Diagnostics

A complete guide to using Ping and Traceroute

Introduction

When problems occur with an internet connection or access to specific resources, system administrators and technical specialists use two main diagnostic tools: ping and traceroute (tracert in Windows). These utilities help determine exactly where the problem occurs: on your computer, in the local network, at the provider, or on the remote resource side.

Ping Utility

Ping (Packet InterNet Groper) is a utility used to check the availability of a network host and measure packet round-trip time.

How does Ping work?

Ping sends ICMP packets (Internet Control Message Protocol) of the "Echo Request" type to the specified IP address or domain name. If the host is available, it responds with "Echo Reply" packets.

Basic syntax

ping [options] [host/IP address]

Usage examples

ping google.com
ping 8.8.8.8
ping -c 5 google.com
ping -n 5 google.com

Analyzing Ping results

Parameter Description Meaning
Response time Time between sending and receiving a packet The lower, the better (usually <100 ms)
TTL (Time To Live) Maximum number of hops between nodes Shows how many "hops" the packet has passed
Packet loss Percentage of unconfirmed packets 0% is ideal, >5% may indicate problems
Tip: If ping to an IP address works, but ping to a domain name does not, the problem may be DNS-related.

Traceroute Utility (Tracert)

Traceroute (tracert in Windows) is a tool used to determine the route packets take from your computer to the target host.

How does Traceroute work?

Traceroute sends a series of packets with a gradually increasing TTL (Time To Live). Each router on the path decreases the TTL by 1. When the TTL reaches 0, the router sends back a "Time Exceeded" message.

Basic syntax

traceroute [host/IP address]
tracert [host/IP address]

Usage examples

traceroute google.com
tracert 8.8.8.8
traceroute -n google.com
tracert -d google.com

Analyzing Traceroute results

Field Description
Hop number Sequential number of the router on the path
IP address/name Address of an intermediate node
Response time Time taken to reach this node (usually 3 measurements)
* * * The node did not respond. It may be protected from ICMP requests
Important: Some routers intentionally do not respond to ICMP requests, especially outside your network, so asterisks (*) do not always mean there is a problem.

How to identify the problematic section?

  1. Find the last responding node before the asterisks
  2. Compare response times before and after the problematic section
  3. Check whether the problem repeats after several runs

Practical diagnostic examples

Scenario 1: A website does not open

  1. Try pinging the website: ping example.com
  2. If ping does not work, try pinging an IP address, for example 8.8.8.8 for Google DNS
  3. If the IP address responds but the domain name does not, the problem is DNS-related
  4. If neither the IP address nor the domain responds, run traceroute

Scenario 2: Slow connection

  1. Run ping with a large number of packets: ping -c 100 example.com
  2. Check the packet loss percentage and response time variation (jitter)
  3. Run traceroute and look for hops with high response times

Scenario 3: Problems connecting to VPN

  1. Check ping to the VPN server
  2. Run traceroute to the VPN server
  3. Compare the route when the VPN works and when it does not

Additional features

Advanced Ping options

Option Description
-i (Linux) / -l (Windows) Set packet size, for example ping -s 1500
-f (Linux) Set the "Don't Fragment" flag
-t (Windows) Continuous ping. Stop with Ctrl+C

Advanced Traceroute options

Option Description
-I (Linux) Use ICMP instead of UDP
-T (Linux) Use TCP SYN. Useful for bypassing some filtering
-p (Linux) Specify a port for TCP traceroute

Graphical alternatives

For users who prefer a graphical interface: